Tag Archives: Department of Commerce (DOC)

A Brief Overview of the Privacy Shield

Written by
A one page summary is now available to help U.S. organizations initially evaluate whether the Privacy Shield represents a viable mechanism to legitimize their transfer of personal data from the European union. The summary lists the key features and requirements of the Privacy Shield, some of which were contained in the now-invalidated EU-U.S. Safe Harbor Framework, but have been made more stringent. Our Information Security & Privacy Team also is compiling a detailed checklist to help corporations identify the specific requirements to certify for the Privacy Shield. [...] Read more

FTC Proposes Settlement with Two Companies Over False Safe-Harbor Claims

Written by
On April 7, 2015, two U.S. companies agreed to settle Federal Trade Commission (“FTC”) allegations that they falsely claimed to be in compliance with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework. In the concurrently filed complaints against TES Franchising, LLC (“TES”), a franchisee coaching business, and American International Mailing, a mail delivery company, the FTC accused the companies of violating Section 5 of the FTC Act by indicating on their websites that they were currently certified under the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe [...] Read more

CDD Urges FTC to Investigate 30 Companies for Alleged Safe Harbor Violations

Written by
The Center for Digital Democracy (“CDD”), a private consumer privacy advocate, recently filed a complaint and “request for investigation” before the Federal Trade Commission (“FTC”) accusing 30 U.S. companies of violating provisions of the Safe Harbor framework. The 118-page complaint, filed August 14th, urges the FTC to take legal action against the companies, including Adobe Systems, AOL, and Salesforce. Administered by the Department of Commerce and primarily enforced by the FTC, the Safe Harbor program facilitates data transfers between E.U. and U.S. companies who have agreed [...] Read more

NIST releases final Cybersecurity Framework

Written by
The National Institute of Standards and Technology (“NIST”) has released the final version of the much-anticipated Framework for Improving Critical Infrastructure Cybersecurity (the “Framework”). The Framework was developed by NIST at the direction of President Obama’s February 12, 2013, Executive Order 13636, “Improving Critical Infrastructure Cybersecurity” (the “Executive Order”). The Framework largely retains the structure and components of the preliminary version of the Framework (a discussion of which can be found here), including (i) the Framework Core, (ii) the Framework [...] Read more